Displaying ACL Configuration
After the above configuration, you can execute the display commands in any view to view the ACL
running information and verify the configuration.
Table 1-9 Display ACL configuration
Operation
Display a configured ACL or
all the ACLs
Display a time range or all
the time ranges
Display the information
about packet filtering
Display the information
about remaining ACL
resources (supported on
S5100-EI series only)
Example for Upper-layer Software Referencing ACLs
Example for Controlling Telnet Login Users by Source IP
Network requirements
Apply an ACL to permit users with the source IP address of 10.110.100.52 to telnet to the switch.
Network diagram
Figure 1-1 Network diagram for controlling Telnet login users by source IP
Internet
Switch
Configuration procedure
# Define ACL 2000.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] quit
# Reference ACL 2000 on VTY user interface to control Telnet login users.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound
display acl { all | acl-number }
display time-range { all | time-name }
display packet-filter { global | interface
interface-type interface-number | port-group
[ group-id ] | unitid unit-id | vlan [ vlan-id ] }
display acl remaining entry
PC
10.110.100.52
Command
1-12
Description
In any view.